
Example 21 with OAuthClientAuthnContext

Use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.

Class AccessTokenIssuerTest, method testIssueWithOpenIdScope.

@Test(dataProvider = "grantTypeDataProvider")
public void testIssueWithOpenIdScope(String grantType) throws Exception {
    OAuth2AccessTokenReqDTO reqDTO = new OAuth2AccessTokenReqDTO();
    reqDTO.setGrantType(grantType);
    reqDTO.setScope((String[]) ArrayUtils.clone(SCOPES_WITH_OPENID));
    OAuthClientAuthnContext oAuthClientAuthnContext = new OAuthClientAuthnContext();
    oAuthClientAuthnContext.setClientId(SOME_CLIENT_ID);
    reqDTO.setoAuthClientAuthnContext(oAuthClientAuthnContext);
    setupOIDCScopeTest(grantType, true);
    OAuth2AccessTokenRespDTO tokenRespDTO = AccessTokenIssuer.getInstance().issue(reqDTO);
    assertNotNull(tokenRespDTO);
    assertFalse(tokenRespDTO.isError());
    assertTrue(Arrays.deepEquals(tokenRespDTO.getAuthorizedScopes().split(" "), SCOPES_WITH_OPENID));
    assertNotNull(tokenRespDTO.getIDToken());
    assertEquals(tokenRespDTO.getIDToken(), ID_TOKEN);
}
Also used: OAuth2AccessTokenRespDTO (org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO), Matchers.anyString (org.mockito.Matchers.anyString), OAuth2AccessTokenReqDTO (org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO), OAuthClientAuthnContext (org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext), Test (org.testng.annotations.Test), PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest), PowerMockIdentityBaseTest (org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)

Example 22 with OAuthClientAuthnContext

Use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.

Class AccessTokenIssuerTest, method testIssueWithScopes.

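/**
 * Issues a token through a mocked grant handler and checks that the authorized
 * scopes match the expected scope string and that response headers set by the
 * grant handler are returned in the token response.
 *
 * @throws Exception
 */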
@Test(dataProvider = "scopeDataProvider")
public void testIssueWithScopes(String[] scopes, String expectedScopeString) throws Exception {
    when(OAuth2Util.buildScopeString(Matchers.<String[]>anyObject())).thenCallRealMethod();
    AuthorizationGrantHandler dummyGrantHandler = getMockGrantHandlerForSuccess(false);
    OAuth2AccessTokenReqDTO reqDTO = new OAuth2AccessTokenReqDTO();
    reqDTO.setGrantType(DUMMY_GRANT_TYPE);
    OAuthClientAuthnContext oAuthClientAuthnContext = new OAuthClientAuthnContext();
    oAuthClientAuthnContext.setClientId(SOME_CLIENT_ID);
    reqDTO.setoAuthClientAuthnContext(oAuthClientAuthnContext);
    reqDTO.setScope((String[]) ArrayUtils.clone(scopes));
    final ResponseHeader responseHeader = new ResponseHeader();
    responseHeader.setKey("Header");
    responseHeader.setValue("HeaderValue");
    final ResponseHeader[] responseHeaders = new ResponseHeader[] { responseHeader };
    // Mock Issue
    when(dummyGrantHandler.issue(any(OAuthTokenReqMessageContext.class))).then(new Answer<Object>() {

        @Override
        public Object answer(InvocationOnMock invocationOnMock) throws Throwable {
            OAuthTokenReqMessageContext context = invocationOnMock.getArgumentAt(0, OAuthTokenReqMessageContext.class);
            // set some response headers
            context.addProperty(OAuthConstants.RESPONSE_HEADERS_PROPERTY, responseHeaders);
            String[] scopeArray = context.getOauth2AccessTokenReqDTO().getScope();
            context.setScope(scopeArray);
            return new OAuth2AccessTokenRespDTO();
        }
    });
    HashMap<String, AuthorizationGrantHandler> authorizationGrantHandlers = new HashMap<>();
    authorizationGrantHandlers.put(DUMMY_GRANT_TYPE, dummyGrantHandler);
    mockOAuth2ServerConfiguration(authorizationGrantHandlers);
    PowerMockito.whenNew(JDBCPermissionBasedInternalScopeValidator.class).withNoArguments().thenReturn(scopeValidator);
    when(scopeValidator.validateScope(any(OAuthTokenReqMessageContext.class))).thenReturn(null);
    OAuth2AccessTokenRespDTO tokenRespDTO = AccessTokenIssuer.getInstance().issue(reqDTO);
    assertNotNull(tokenRespDTO);
    assertFalse(tokenRespDTO.isError());
    assertEquals(tokenRespDTO.getAuthorizedScopes(), expectedScopeString);
    // Assert response headers set by the grant handler
    assertNotNull(tokenRespDTO.getResponseHeaders());
    assertTrue(Arrays.deepEquals(tokenRespDTO.getResponseHeaders(), responseHeaders));
}
Also used: ResponseHeader (org.wso2.carbon.identity.oauth2.ResponseHeader), AuthorizationGrantHandler (org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler), HashMap (java.util.HashMap), Matchers.anyString (org.mockito.Matchers.anyString), OAuth2AccessTokenReqDTO (org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO), OAuthClientAuthnContext (org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext), OAuth2AccessTokenRespDTO (org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO), InvocationOnMock (org.mockito.invocation.InvocationOnMock), Test (org.testng.annotations.Test), PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest), PowerMockIdentityBaseTest (org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)

Example 23 with OAuthClientAuthnContext

Use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.

Class CarbonOAuthTokenRequest, method setClientAuthnContext.

private void setClientAuthnContext(HttpServletRequest request) {
    // Reuse the client authentication result attached to the request as an attribute, if present.
    Object oauthClientAuthnContextObj = request.getAttribute(OAuthConstants.CLIENT_AUTHN_CONTEXT);
    if (oauthClientAuthnContextObj instanceof OAuthClientAuthnContext) {
        oAuthClientAuthnContext = (OAuthClientAuthnContext) oauthClientAuthnContextObj;
    } else {
        // Fail closed: the attribute is missing or of the wrong type, so mark the
        // client as unauthenticated and record an error on the context.
        oAuthClientAuthnContext = new OAuthClientAuthnContext();
        oAuthClientAuthnContext.setAuthenticated(false);
        oAuthClientAuthnContext.setErrorMessage("Client Authentication Failed");
        oAuthClientAuthnContext.setErrorCode(OAuthError.TokenResponse.INVALID_REQUEST);
    }
}
Also used: OAuthClientAuthnContext (org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext)

Example 24 with OAuthClientAuthnContext

Use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.

Class OAuth2ServiceTest, method testIdentityOAuth2ExceptionForRevokeTokenByOAuthClient.

@Test(dataProvider = "ExceptionforRevokeTokenByOAuthClient")
public void testIdentityOAuth2ExceptionForRevokeTokenByOAuthClient(String errorMsg, boolean setDetails, boolean throwIdentityException, boolean throwInvalidOAuthClientException, boolean failClientAuthentication) throws Exception {
    setUpRevokeToken();
    mockStatic(IdentityTenantUtil.class);
    when(IdentityTenantUtil.getTenantId(anyString())).thenReturn(-1234);
    AccessTokenDO accessTokenDO = new AccessTokenDO();
    accessTokenDO.setConsumerKey("testConsumerKey");
    accessTokenDO.setAuthzUser(authenticatedUser);
    accessTokenDO.setGrantType(GrantType.CLIENT_CREDENTIALS.toString());
    OAuthRevocationRequestDTO revokeRequestDTO = new OAuthRevocationRequestDTO();
    if (setDetails) {
        revokeRequestDTO.setConsumerKey("testConsumerKey");
        revokeRequestDTO.setToken("testToken");
    }
    revokeRequestDTO.setTokenType(GrantType.CLIENT_CREDENTIALS.toString());
    if (throwIdentityException) {
        doThrow(new IdentityOAuth2Exception("")).when(oAuthEventInterceptorProxy).onPreTokenRevocationByClient(any(OAuthRevocationRequestDTO.class), anyMap());
    }
    if (throwInvalidOAuthClientException) {
        when(OAuth2Util.findAccessToken(anyObject(), anyBoolean())).thenThrow(InvalidOAuthClientException.class);
    }
    if (failClientAuthentication) {
        when(OAuth2Util.findAccessToken(anyObject(), anyBoolean())).thenReturn(new AccessTokenDO());
    } else {
        OAuthClientAuthnContext oAuthClientAuthnContext = new OAuthClientAuthnContext();
        oAuthClientAuthnContext.setErrorMessage(errorMsg);
        oAuthClientAuthnContext.setErrorCode(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT);
        revokeRequestDTO.setOauthClientAuthnContext(oAuthClientAuthnContext);
    }
    when(oAuthCache.getValueFromCache(any(OAuthCacheKey.class))).thenReturn(accessTokenDO);
    mockStatic(OAuthCache.class);
    when(OAuthCache.getInstance()).thenReturn(oAuthCache);
    assertEquals(oAuth2Service.revokeTokenByOAuthClient(revokeRequestDTO).getErrorMsg(), errorMsg);
}
Also used: AccessTokenDO (org.wso2.carbon.identity.oauth2.model.AccessTokenDO), OAuthRevocationRequestDTO (org.wso2.carbon.identity.oauth2.dto.OAuthRevocationRequestDTO), OAuthCacheKey (org.wso2.carbon.identity.oauth.cache.OAuthCacheKey), OAuthClientAuthnContext (org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext), Test (org.testng.annotations.Test), PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest), PowerMockIdentityBaseTest (org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)

Example 25 with OAuthClientAuthnContext

Use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.

Class OAuth2ServiceTest, method testRevokeTokenByOAuthClientWithEmptyConsumerKeyAndToken.

@Test
public void testRevokeTokenByOAuthClientWithEmptyConsumerKeyAndToken() throws Exception {
    setUpRevokeToken();
    // No consumer key or token is set, and the client authentication context is left empty.
    OAuthRevocationRequestDTO revokeRequestDTO = new OAuthRevocationRequestDTO();
    revokeRequestDTO.setOauthClientAuthnContext(new OAuthClientAuthnContext());
    // Revocation must report an error for such a request.
    assertEquals(oAuth2Service.revokeTokenByOAuthClient(revokeRequestDTO).isError(), true);
}
Also used: OAuthRevocationRequestDTO (org.wso2.carbon.identity.oauth2.dto.OAuthRevocationRequestDTO), OAuthClientAuthnContext (org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext), Test (org.testng.annotations.Test), PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest), PowerMockIdentityBaseTest (org.wso2.carbon.identity.testutil.powermock.PowerMockIdentityBaseTest)
